lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070408043552.24336.qmail@securityfocus.com> Date: 8 Apr 2007 04:35:52 -0000 From: john@...tinelli.com To: bugtraq@...urityfocus.com Subject: UBB.threads (<= 6.1.1) SQL Injection Vulnerability UBB.threads SQL Injection Vulnerability The variable 'C' in UBB.threads is susceptible to SQL injection. Vulnerability: http://target.com/ubbthreads.php?Cat=cat&C=' Vulnerable: UBB.threads <= 6.1.1 Google d0rk: allintitle:"Forums powered by UBB.threads" John Martinelli john@...tinelli.com http://john-martinelli.com april 8th, 2007